Examples with ProtectionDomain java.security.ProtectionDomain used on opensource projects

Example 86 with ProtectionDomain

use of java.security.ProtectionDomain in project head by mifos.

the class OSGILauncher method setupSecurityPolicy.

protected void setupSecurityPolicy() throws FrameworkException {
    String eclipseSecurity = (String) properties.get(PROP_ECLIPSE_SECURITY);
    if (eclipseSecurity != null) {
        // setup a policy that grants the launcher and path for the
        // framework AllPermissions.
        // Do not set the security manager, this will be done by the
        // framework itself.
        ProtectionDomain domain = OSGILauncher.class.getProtectionDomain();
        CodeSource source = null;
        if (domain != null)
            source = OSGILauncher.class.getProtectionDomain().getCodeSource();
        if (domain == null || source == null) {
            throw new FrameworkException("Can not automatically set the security manager. Please use a policy file.");
        }
        // get the list of codesource URLs to grant AllPermission to
        URL[] rootURLs = new URL[] { source.getLocation(), osgiFramework };
        // replace the security policy
        Policy eclipsePolicy = new OSGIPolicy(Policy.getPolicy(), rootURLs);
        Policy.setPolicy(eclipsePolicy);
    }
}

Example 87 with ProtectionDomain

use of java.security.ProtectionDomain in project spring-boot by spring-projects.

the class LogbackLoggingSystem method getLocation.

private Object getLocation(ILoggerFactory factory) {
    try {
        ProtectionDomain protectionDomain = factory.getClass().getProtectionDomain();
        CodeSource codeSource = protectionDomain.getCodeSource();
        if (codeSource != null) {
            return codeSource.getLocation();
        }
    } catch (SecurityException ex) {
    // Unable to determine location
    }
    return "unknown location";
}

Example 88 with ProtectionDomain

use of java.security.ProtectionDomain in project spring-boot by spring-projects.

the class Launcher method createArchive.

protected final Archive createArchive() throws Exception {
    ProtectionDomain protectionDomain = getClass().getProtectionDomain();
    CodeSource codeSource = protectionDomain.getCodeSource();
    URI location = (codeSource == null ? null : codeSource.getLocation().toURI());
    String path = (location == null ? null : location.getSchemeSpecificPart());
    if (path == null) {
        throw new IllegalStateException("Unable to determine code source archive");
    }
    File root = new File(path);
    if (!root.exists()) {
        throw new IllegalStateException("Unable to determine code source archive from " + root);
    }
    return (root.isDirectory() ? new ExplodedArchive(root) : new JarFileArchive(root));
}

Example 89 with ProtectionDomain

use of java.security.ProtectionDomain in project spring-framework by spring-projects.

the class CallbacksSecurityTests method setUp.

@Before
public void setUp() throws Exception {
    final ProtectionDomain empty = new ProtectionDomain(null, new Permissions());
    provider = new SecurityContextProvider() {

        private final AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { empty });

        @Override
        public AccessControlContext getAccessControlContext() {
            return acc;
        }
    };
    DefaultResourceLoader drl = new DefaultResourceLoader();
    Resource config = drl.getResource("/org/springframework/beans/factory/support/security/callbacks.xml");
    beanFactory = new DefaultListableBeanFactory();
    new XmlBeanDefinitionReader(beanFactory).loadBeanDefinitions(config);
    beanFactory.setSecurityContextProvider(provider);
}

Example 90 with ProtectionDomain

use of java.security.ProtectionDomain in project spring-framework by spring-projects.

the class CallbacksSecurityTests method testTrustedExecution.

@Test
public void testTrustedExecution() throws Exception {
    beanFactory.setSecurityContextProvider(null);
    Permissions perms = new Permissions();
    perms.add(new AuthPermission("getSubject"));
    ProtectionDomain pd = new ProtectionDomain(null, perms);
    new AccessControlContext(new ProtectionDomain[] { pd });
    final Subject subject = new Subject();
    subject.getPrincipals().add(new TestPrincipal("user1"));
    // request the beans from non-privileged code
    Subject.doAsPrivileged(subject, new PrivilegedAction<Object>() {

        @Override
        public Object run() {
            // sanity check
            assertEquals("user1", getCurrentSubjectName());
            assertEquals(false, NonPrivilegedBean.destroyed);
            beanFactory.getBean("trusted-spring-callbacks");
            beanFactory.getBean("trusted-custom-init-destroy");
            // the factory is a prototype - ask for multiple instances
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-spring-factory");
            beanFactory.getBean("trusted-factory-bean");
            beanFactory.getBean("trusted-static-factory-method");
            beanFactory.getBean("trusted-factory-method");
            beanFactory.getBean("trusted-property-injection");
            beanFactory.getBean("trusted-working-property-injection");
            beanFactory.destroySingletons();
            assertEquals(true, NonPrivilegedBean.destroyed);
            return null;
        }
    }, provider.getAccessControlContext());
}